Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2001-0555 |
Description: | ScreamingMedia SITEWare versions 2.5 through 3.1 allows a remote attacker to read world-readable files via a .. (dot dot) attack through (1) the SITEWare Editor's Desktop or (2) the template parameter in SWEditServlet. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.55616 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2001-0555 BugTraq ID: 2869 http://www.securityfocus.com/bid/2869 Bugtraq: 20010613 ScreamingMedia SITEWare arbitrary file retrieval vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-06/0165.html Bugtraq: 20010613 ScreamingMedia SITEWare source code disclosure vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-06/0166.html CERT/CC vulnerability note: VU#795707 http://www.kb.cert.org/vuls/id/795707 http://www.osvdb.org/13887 XForce ISS Database: siteware-dot-file-retrieval(6689) https://exchange.xforce.ibmcloud.com/vulnerabilities/6689 |